package com.dongdongshop.config;

import com.dongdongshop.pojo.TbUser;
import com.dongdongshop.service.TbUserService;
import org.apache.dubbo.config.annotation.DubboReference;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

public class UserRealm extends AuthorizingRealm {

    @DubboReference
    private TbUserService tbUserService;

    /*
    *   AuthorizationInfo
    *   执行授权逻辑
    * */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return null;
    }
    /*
    * AuthenticationInfo
    * 执行登录认证
    * */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        /*获取录入的账号密码*/
        UsernamePasswordToken token = (UsernamePasswordToken)authenticationToken;
        /*更具录入的账号获取数据库的密码*/
        TbUser user = tbUserService.selectByUserName(token.getUsername());
        if (user == null){
            /*用户不存在*/
            return null;
        }
        /*判断密码*/
        return new SimpleAuthenticationInfo(user,user.getPassword(), ByteSource.Util.bytes(user.getSalt()),user.getUsername());
    }
}
